The sharing of information is often hindered by security policies that govern the release of information. Even if some policies allow a person or organization to receive a piece of information, other policies may forbid releasing the information because the information may be embedded within more sensitive information, e.g. within a sensitive document. The policies may also forbid releasing the information because the information resides on a sensitive network and the information is not explicitly marked as being releasable, or because the information is labeled as being more sensitive than it actually is. Typically, in such situations, the information can only be released through a manual process that involves a qualified human reviewing the information and redacting any sensitive information prior to releasing the information. Human review is required for releasability decisions because current automatic mechanisms cannot reliably interpret most types of information. Computational approaches can match strings and look for sensitive words, but they cannot process the semantics or meaning of the information. However, human review is too slow and too expensive to allow large amounts of information to be shared. Existing methods for sharing information based on semantics, such as the methods described in “Security Guards for the Future Web” a Mitre technical report by Dr. Nancy Reed (“Mitre”), use logical reasoning and ontology to determine what information is releasable. For example, Mitre uses queries to extract information to be shared or passed through a security guard. Any information that is not extracted is not released.
Accordingly, there is a need for an automatic mechanism for information sharing that can, with high assurance, process the semantics of the information and make correct releasability decisions.